Multifunction peripheral (MFP) and a method for restricting use thereof

ABSTRACT

A multifunction peripheral (MFP) and a method for restricting the use of the same. A user ID and a password are registered according to a user&#39;s input, accessible functions are set according to the registered user, and even the authenticated user is restricted to using only the set functions. Therefore, use of the MFP and specific functions of the MFP can be restricted according to the particular registered user.

CROSS-REFERENCE TO RELATED APPLICATION

This application is a continuation of U.S. patent application Ser. No. 11/302,359, filed on Dec. 14, 2005, which claims the benefit under 35 U.S.C. §119(a) of applications filed in the Korean Intellectual Property Office on Dec. 15, 2004 and Oct. 19, 2005 and assigned Serial No. 2004-105996 and Serial No. 2005-98602, respectively. The entire contents of all of the foregoing applications are hereby incorporated by reference in their entirety.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to a multifunction peripheral (MFP). More particularly, the present invention relates to a method for restricting the use of a multifunction peripheral (MFP) to a registered user.

2. Description of the Related Art

A conventional multifunction peripheral (MFP) such as printer, scanner or facsimile machine is not only able to serve as a mere office machine but can also receive e-mails and access Internet websites when the MFP is equipped with a multimedia function. The MFP comprises a communication device 30 so as to connect to external networks such as the Internet and utilize related functions by driving the appropriate application programs, for example, a web browser program or an e-mail program. Additionally, the e-mail contents and information on the websites can be printed out using the printer function of the MFP. As is well known in the art, a computer program can be defined as a set of instructions (program codes) in a logical sequence interpreted and executed by a computer enabling the computer to perform a required function or instruction.

FIG. 1 shows a conventional MFP. As shown in FIG. 1, an MFP 10 comprises a computer application enabling e-mail functions with a mail server 90 through a network, such as the Internet 80. The MFP 10 comprises a memory unit 50 comprising storage mediums such as hard disc drive (HDD) to record therein user information, a directory of e-mail addresses, Internet websites and phone numbers, and files for storing print jobs for printing. The various functions of the MFP can be set for use by a particular user by manipulating an operation panel 20 through a display unit 22.

More specifically, the MFP 10 comprises the operation panel 20, the display unit 22, the memory unit 50 and a control unit 70. The operation panel 20 serves as an input means for inputting addresses using a uniform resource locator (URL) of the Internet websites: and setting assorted functions. The display unit 22 shows the functions selected through the operation panel 20 and the working state of the MFP. The memory unit 50 stores information regarding the input signals of the operation panel 20, general printing work files and scanned data. The memory unit 50 also stores information of a user and a manager of the apparatus and the directory of e-mail addresses, Internet websites and phone numbers. The control unit 70 connects with the Internet 80 through a communication device 30 and reads out a web document from websites to output the document to a printing unit 60. Also, the control unit 70 may perform a scan-to-e-mail function to transmit data scanned by a scan unit 40 to a certain site via e-mail.

The communication device 30 transmits the web document to the mail server 90 using an e-mail address transmitted from the control unit 70 through the Internet 80. Such a communication device 30 may comprise a network interface card such as a modem or a local area network (LAN) card, capable of transmitting e-mails and processing signals.

Since the conventional MFPs are used in an office, being interconnected by networks, any user on the same network can access the conventional networked MFP without restriction. In other words, there has not been any restriction to only a few approved users in using a certain networked MFP, nor has there been a restriction from using the special functions of the networked MFP.

Such unrestricted use of the MFP by an unauthorized user or of unauthorized functions may increase the waste of resources.

SUMMARY OF THE INVENTION

An aspect of the present invention is to solve at least the above problems and/or disadvantages and to provide at least the advantages described below. Accordingly, an aspect of the present invention is to provide a multifunction peripheral (MFP) apparatus capable of separately managing the right to use the apparatus based on the particular users desiring to use the apparatus and specific functions accessible to a particular user, and a method for the same.

In order to achieve the above-described aspects of the present invention, there is provided a method for restricting the use of a multifunction peripheral (MFP) apparatus, wherein only an authenticated user is permitted to use the MFP. Functions of the MFP are restricted according to the authentication of the user requesting to use the MFP.

The functions of the MFP comprise at least one of printing, scanning, copying, facsimileing and e-mailing. The use of the different functions of the MFP is permitted through the authentication of a user ID and a user password.

According to another aspect of the present invention, there is provided a method for restricting the use of the functions of an MFP comprising the steps of registering a user; authenticating the registration of the user; and permitting only an authenticated user in the authenticating step to use the MFP. The method may further comprise the step of restricting even the authenticated user to using the permitted functions in use.

The functions of the MFP comprise at least one of printing, scanning, copying, faxing and e-mailing. Such functions of the MFP may be combined to create other functions, including scan-to-fax and scan-to-e-mail, as illustrated in FIG. 4.

The registering step comprises the steps of inputting user identification (ID) and a password according to the user; and setting functions requiring authentication according to the input of a user ID and the password and registering the functions in the MFP. The authenticating step further comprises the steps of displaying a user authentication program for input of the user ID and the password; and authenticating the user when the input user ID and the password correspond to those users registered to use the MFP.

In order to achieve the above aspects of the present invention, there is provided an MFP capable of restricting use thereof according to a user, the MFP comprising a user management unit configured for user registration and user authentication; and a control unit for controlling the functions of the MFP when the user is authenticated through the user management unit.

The user management unit comprises a user registration part for registering a user by a user ID and a password and registering permitted functions according to the registered user; and a user authentication part for displaying a user authentication program for facilitating the input of the user's ID and password.

For the user registration, the permitted functions are set and registered according to the user's ID and password. The control unit controls the MFP so that even the authenticated user is restricted to the permitted functions in use.

BRIEF DESCRIPTION OF THE DRAWING FIGURES

The above aspects and other features of the present invention will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawing figures, in which;

FIG. 1 is a block diagram of a conventional multifunction peripheral (MFP);

FIG. 2 is a block diagram of an MFP according to an embodiment of the present invention;

FIG. 3 is a flowchart for explaining processes of registering a user according to an embodiment of the present invention;

FIG. 4 shows an example of a user registration program for an MFP according to an embodiment of the present invention;

FIG. 5 is a flowchart of an exemplary process for authenticating a user according to an embodiment of the present invention; and

FIG. 6 is a flowchart for explaining another exemplary process of authenticating a user according to an embodiment of the present invention.

FIG. 7 is a flowchart for explaining still another process of authenticating a user according to security levels of a document.

It should be understood that throughout the drawings like reference numbers refer to like features, structures and elements.

DETAILED DESCRIPTION OF EXEMPLARY EMBODIMENTS

Hereinafter, certain exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawing figures.

The matters defined in the description such as a detailed construction and elements are provided to assist in a comprehensive understanding of the invention. Descriptions of well-known functions or constructions are omitted for the sake of clarity and conciseness.

FIG. 2 is a schematic block diagram of a system comprising a multifunction apparatus (MFP) according to an embodiment of the present invention. The system comprises an MFP 100, the Internet 200, a mail server 210 and an admin client 220.

The MFP 100 preferably comprises an operation panel 120, a communication device 130, a scanning unit 140, a memory unit 150, a printing unit 160, a control unit 170 and a user management unit 180.

The operation panel 120 comprises a key matrix and a display unit 122. The key matrix comprises a plurality of numeric keys and function keys for setting functions according to menus so as to input uniform resource locators (URLs), set various functions and request registration of a user according to an embodiment of the present invention. The operation panel 120 serves as an input means for supplying the control unit 170 with key data generated by the key operation. The display unit 122 shows the functions selected through the operation panel 120 and the working state of the MFP.

The communication device 130 is connected to the mail server 210 and the admin client 220, which are the external devices, through the Internet 200 to mutually apply communication interface. The communication device 130 informs the mail server 210 of a web document by an e-mail address transmitted from the control unit 170 through the Internet 200. Also, when user registration is requested by the admin client 220 through the Internet 200, the control unit 170 controls the display of a user registration program (FIG. 4) stored in a user registration part 182. The communication device 130 may comprise a network interface card such as modem and local area network (LAN) card.

When a data transmission mode or a copy mode is set to serve as a facsimile or a copy machine, the scan unit 140, being regulated by the control unit 170, reads out a document being inserted, converts the read document to image data and transmits the image data back to the control unit 170.

The memory unit 150 comprises a read-only memory (ROM) and a random access memory (RAM). The ROM is a non-volatile memory which stores various control programs for performing various functions of the MFP 100, such as controlling firmware for converting data scanned by the scan unit 140 to digital data, and a data transmission protocol. The RAM is a volatile memory which stores various data generated during the operations of the MFP 100 and also temporarily stores the scanned data and facsimile data received from the external devices through the communication device 130.

The printing unit 160 connects with the Internet 200 through the communication device 130 to read and output a web document from corresponding sites or output a document designated by the control unit 170.

The user management unit 180 comprises the user registration part 182 and a user authentication part 184. A non-volatile memory may be used for the user management unit 180. The user registration part 182 registers users of the MFP 100 and also registers users' rights to use the respective functions of the MFP 100 according to functions permitted to be used by the registered users. To this end, the user registration part 182 comprises an MFP user registration program. Referring to FIG. 4, an exemplary graphical user interface 400 of the MFP user registration program is preferably configured to input a user's identification (ID) and a password and check functions to be allowed for use according to the requests of the registered users. Preferably, the user registration program has a map structure for easy registration by general users. The password is used for the user authentication when use of the MFP 100 is demanded by a user. By checking only specific functions, the access to any function of the MFP 100 of even an authenticated user can be restricted to the checked specific functions. In the exemplary graphical user interface 400 shown in FIG. 4, at least one of print, scan, scan-to-e-mail, facsimile (FAX) and copy functions can be checked to be allowed for use according to the users. Registration of the users through the MFP user registration program can be achieved by control of the control unit 170 through the communication device 130 when user registration is requested from the admin client 220 through the Internet 200.

When the MPF 100 or the admin client 220 requests use of the MFP 100, the user authentication part 184 presents a user authentication program through the display unit 122 for a user to input the user ID and password using the operation panel 120. The user authentication program interface (not shown) may have the same configuration as the user registration program graphical user interface 400, or may be configured to input only the user ID and the password. When the input user ID or the password is wrong, the control unit 170 controls to present an error message through the display unit 122. When the user ID and the password are correctly input, the control unit 170 authenticates the user's identity and, if the user requests to use certain functions such as a copy and facsimile function, checks whether the user is permitted to use the requested functions. When the user is not permitted to use the requested functions, the control unit 170 sends a signal to present an error message through the display unit 122. The error message may include an audible signal as well as a visual signal. When the requested functions are permitted to be used by the user, on the other hand, the control unit 170 controls the MFP 100 to perform the requested functions.

The user management unit 180 may be implemented by the memory unit 150 built into the general MFP 100, instead of the non-volatile memory as used in this embodiment.

The control unit 170 regulates the overall operations of the MFP 100 according to the control programs stored in the memory unit 150. The control unit 170 operates the MFP 100 by key signals of the operation panel 120 in one of a printing mode, a scanning mode, a facsimile mode, a copy mode and an e-mail transmission mode. Additionally, according to an embodiment of the present invention, the control unit 170 enables the user registration and user authentication through the admin client 220 or the MFP 100. Preferably, during mode conversion, which comprises switching between the various modes of the MFP 100, by the authenticated user, the control unit 170 may enable the mode conversion only among the permitted functions.

The mail server 210 comprises a predetermined application program and hardware for transmitting e-mails received from the control unit 170 to respective addresses through the communication device 130.

The admin client 220, as a network program, may comprise a general application or a web-page for registering the user to the MFP 100. It is preferable that the user registration can be achieved only through the admin client 220.

Herein below, a method for restricting the use of the MFP 100 will be described according to another embodiment of the present invention.

Processes of registering the user will now be described with reference to a flowchart of FIG. 3. The control unit 170 determines whether the user registration is requested through the operation panel 120 or the admin client 220 (S210). When the user registration is requested in step S210, the control unit 170 presents the MFP user registration program (FIG. 4) through the display unit 122 (S220). After the user ID, the password and the permitted functions are set, according to the user's selections through the MFP user registration program displayed, in step S230, the control unit 170 stores the MFP user registration program registered with user ID, the password and the right to use the respective functions in the user registration part 182, thereby completing the user registration process (S240).

Herein below, the process of user authentication, after the user registration is completed, will be described with reference to the flowchart of FIG. 5. When use of the MFP 100 is requested by a certain user through the operation panel 120 or the communication device 130, the control unit 170 reads out from the user authentication part 184 and displays through the display unit 122 the user authentication program interface (S310). Here, the user authentication program may have the same configuration as the MFP user registration program (FIG. 4) or be configured to input only the user ID and the password.

After the user ID and the password are input through the operation panel 120, the control unit 170 determines whether the input user ID and the password corresponding with those registered in the user registration part 182, thereby performing the user authentication (S320). When the user is not authenticated in step S320, the control unit 170 presents an error message (S322). When the user is authenticated, certain functions are requested to be used (S330). The error message may notify that the user is not authenticated. The control unit 170 checks whether the user has the right to use the respective functions based on the user's registration in the user registration part 182 to determine whether use of the requested function is permitted to be used by the user (S340). If the use of the requested function is permitted to be used by the user, the control unit 170 controls the performance of the requested function (S350) and if not, presents the error message and repeats the step S330 (S360). Here, the error message may notify the user that the requested function is not permitted to be used by the requesting user, so that only the permitted functions can be performed.

According to this embodiment, after the user authentication, the right to use a function is checked according to the user's registration. However, the right to use a function can be checked when the user first desires to use certain functions of the MFP 100 by inputting the user ID and the password. More specifically, as shown in FIG. 6, when performance of certain functions of the MFP 100 is requested (S410), the control unit 170 presents the user authentication program to be input with the user ID and the password (S420). Upon input of the user ID and the password, the control unit 170 determines whether the requested functions are permitted to the user of the input user ID and the password (S430). If the user is authenticated and permitted to use the functions, the control unit 170 controls the MFP 100 to perform the requested functions (S450). If the user is not permitted to use the functions as a result of the determination made in step 430, the control unit 170 presents the error message through the display unit 122 and repeats step S410.

Although, both the user ID and the password are required for user authentication in this embodiment of the present invention, the user authentication may be achieved simply by inputting one of either the user ID or password.

As can be appreciated from the above description, by restricting the use of the respective functions of the MFP 100 according to a user's registration, the MFP 100 can be more efficiently managed.

By the MFP 100 and the method for controlling the same according to embodiments of the present invention, unauthorized information disclosure through the MFP 100 and waste of consumables by unrestricted use can be prevented.

FIG. 7 is a flowchart for explaining still another process of authenticating a user according to security levels of a document.

According to this, a certain security level such as top secret, confidential, and normal, is assigned to the document so that the functions of the MFP can be accessed according to the security level of the document and the right to use of the respective functions of the MFP.

For example, all the functions of the MFP are restricted for use when the top secret level is assigned to the document, only general copy is enabled when the confidential level is assigned to the document, and all the functions are accessible when the normal level is assigned to the document.

As shown in FIG. 7, when performance of certain functions of the MFP 100 is requested (S510), the control unit 170 shows a user authentication program interface to be input with the user ID and the password (S520). Upon input of the user ID and the password, the control unit 170 determines whether the requested functions are permitted to the user of the input user ID and the password (S530).

When the user is not permitted to use the functions as a result of the step S530, the control unit 170 presents the error message through the display unit 122 (S540) and repeats step S510.

When the user is permitted to use the functions as a result of the step S530, the control unit 170 determines the security level of the corresponding document (S550).

Therefore, the control unit detects an invisible watermark based on data copied from the corresponding document, thereby reading out the security levels such as top secret, confidential, and default. Since such processes are generally performed through scanning or copying, detailed description thereof will be omitted herein.

According to the security level of the document, read in step S550, the control unit 170 determines whether the authenticated function is permitted by the security level of the corresponding document (S560).

Step S560 is required because even the authenticated user may be restricted to the permitted functions such as copying, facsimileing, and scanning, according to the security levels.

When use of the function permitted to using by user in the above step is not permitted by the security level of the document, the control unit 170 may present the error message notifying unavailableness of the function so as to call the user's attention (S580).

When the permitted function is also permitted by the security level of the document, the control unit 170 performs the corresponding function and ends the operation (S570).

As described above, according to the MFP and a controlling method thereof according to an embodiment of the present invention, information can be prevented from being disclosed unintentionally through the MFP by restricting use of the respective functions of the MFP based on the particular user and the security level assigned to the document. Also, waste of consumables by unrestricted use can be prevented.

While the invention has been shown and described with reference to certain embodiments thereof, it will be understood by those skilled in the art that various changes and modifications in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. 

What is claimed is:
 1. A method for restricting the use of functions of a multifunction peripheral executed by a controller, comprising the steps of: registering a user using a user interface associated with the multifunction peripheral; authenticating the registration of the user; and permitting a registered user authenticated in the authenticating step to use the multifunction peripheral; wherein one or more functions of the multifunction peripheral is accessible to the authenticated user and the one or more functions that is accessible to the authenticated user is not accessible to a non-authenticated user.
 2. The method of claim 1, wherein the registering step comprises the steps of: inputting a user identification (ID) and a password corresponding to a particular user; and setting respective functions of the multifunction peripheral requiring authentication according to the input user ID and the password and registering the set functions in the multifunction peripheral.
 3. The method of claim 2, further comprising the step of restricting the authenticated user to using only the functions set in the setting step.
 4. The method of claim 2, wherein the functions of the multifunction peripheral comprise at least one of printing, scanning, scanning-to-e-mail, copying, facsimileing and e-mailing.
 5. The method of claim 4, wherein the authenticating step further comprises the steps of: displaying a user authentication program interface for input of the user ID and the password; and authenticating the user when the input user ID and the password correspond to the input user ID and the password registered in the multifunction peripheral.
 6. A multifunction peripheral capable of restricting use thereof according to a user, the multifunction peripheral comprising: a user management unit configured for facilitating user registration and user authentication; and a control unit for controlling the functions of the multifunction peripheral requested by a user after the user is authenticated through the user management unit and the user has registered to use the requested function; wherein one or more of the functions of the multifunction peripheral is accessible to the authenticated user and the one or more functions that is accessible to the authenticated user is not accessible to a non-authenticated user.
 7. The multifunction peripheral of claim 6, wherein the user management unit comprises: a user registration part for registering a user by a user ID and a password and registering a user to use at least one of the respective functions of the multifunction peripheral; and a user authentication part for displaying a user authentication program user interface for inputting the user ID and the password.
 8. The multifunction peripheral of claim 6, wherein the functions of the multifunction peripheral comprise at least one of printing, scanning, scanning-to-email, copying, facsimileing and e-mailing.
 9. The multifunction peripheral of claim 6, wherein the use of at least one of the respective multifunction peripheral functions is set and registered according to the user ID and the password.
 10. The multifunction peripheral of claim 9, wherein the control unit controls the multifunction peripheral so that even the authenticated user is restricted to using only the functions set during user registration.
 11. A non-transitory computer readable medium of instructions for controlling a computer to perform a method comprising the steps of: registering a user using a user interface associated with the multifunction peripheral; authenticating the registration of the user; and permitting a registered user authenticated in the authenticating step to use the multifunction peripheral; wherein one or more functions of the multifunction peripheral is accessible to the authenticated user and the one or more functions that is accessible to the authenticated user is not accessible to a non-authenticated user; wherein at least one function that is accessible to the authenticated user is not accessible to a non-authenticated user.
 12. The computer readable medium of instructions of claim 11, wherein the registering step comprises the steps of: inputting a user identification (ID) and a password corresponding to a particular user; and setting respective functions of the multifunction peripheral requiring authentication according to the input user ID and the password and registering the set functions in the multifunction peripheral.
 13. The computer readable medium of instructions of claim 12, wherein the method further comprises the step of restricting the authenticated user to using only the functions set in the setting step.
 14. The computer readable medium of instructions of claim 12, wherein the functions of the multifunction peripheral comprise at least one of printing, scanning, scanning-to-e-mail, copying, facsimileing and e-mailing.
 15. The computer readable medium of instructions of claim 14, the authenticating step further comprises the steps of: displaying a user authentication program interface for input of the user ID and the password; and authenticating the user when the input user ID and the password correspond to the input user ID and the password registered in the multifunction peripheral.
 16. A method for restricting use of functions of a multifunction peripheral based on a security level assigned to a document, comprising the steps of: registering a user; authenticating registration of a user; determining a security level of the document; and permitting an authenticated user in the authenticating step to use only the functions of the multifunction peripheral permitted by the security level; wherein one or more of the functions of the multifunction peripheral is accessible to the authenticated user and the one or more functions that is accessible to the authenticated user is not accessible to a non-authenticated user.
 17. The method of claim 16, wherein the registering step comprises the steps of: inputting a user identification (ID) and a password according to users; and setting functions requiring authentication according to the input user ID and the password and registering the functions in the multifunction peripheral.
 18. The method of claim 17, wherein the authenticating step further comprises the steps of: displaying a user authentication program interface for input of the user ID and the password; and authenticating the user when the input user ID and the password correspond to the user ID and the password registered in the multifunction peripheral. 